Pulogalamu ya ProHoster > Blog > nkhani zapaintaneti > FragAttacks - zofooka zingapo pamiyezo ya Wi-Fi ndi kukhazikitsa

FragAttacks - zofooka zingapo pamiyezo ya Wi-Fi ndi kukhazikitsa

Mathy Vanhoef, mlembi wa KRACK kuwukira kwa ma network opanda zingwe, adawulula zambiri zokhudzana ndi ziwopsezo 12 zomwe zimakhudza zida zosiyanasiyana zopanda zingwe. Mavuto omwe adadziwika amaperekedwa pansi pa dzina lachidziwitso FragAttacks ndikuphimba pafupifupi makhadi onse opanda zingwe ndi malo ofikira omwe akugwiritsidwa ntchito - pazida 75 zomwe zidayesedwa, chilichonse chimatha kutengera njira imodzi yowukira.

Mavutowa amagawidwa m'magulu awiri: Zowonongeka za 3 zidadziwika mwachindunji pamiyezo ya Wi-Fi ndikuphimba zida zonse zomwe zimathandizira miyezo yaposachedwa ya IEEE 802.11 (mavuto adatsatiridwa kuyambira 1997). Zowonongeka za 9 zimagwirizana ndi zolakwika ndi zolakwika pakukhazikitsa kwapadera kwa ma stacks opanda zingwe. Choopsa chachikulu chikuyimiridwa ndi gulu lachiwiri, popeza kukonzekera kuukira kwa zofooka pamiyezo kumafuna kukhalapo kwa zoikamo zenizeni kapena kuchita zinthu zina ndi wozunzidwayo. Zowonongeka zonse zimachitika mosasamala kanthu za ndondomeko zomwe zimagwiritsidwa ntchito pofuna kutsimikizira chitetezo cha Wi-Fi, kuphatikizapo kugwiritsa ntchito WPA3.

Njira zambiri zowukira zomwe zazindikirika zimalola wowukirayo kuti alowe m'malo mwa mafelemu a L2 mu netiweki yotetezedwa, zomwe zimapangitsa kuti zitheke kulowa mumsewu wa wozunzidwayo. Chochitika chowoneka bwino kwambiri ndikuwononga mayankho a DNS kuti atsogolere wogwiritsa ntchito yemwe akuwukirayo. Chitsanzo chimaperekedwanso chogwiritsa ntchito zofooka kuti mulambalale womasulira adilesi pa rauta yopanda zingwe ndikukonzekera njira yolowera pachida pamaneti am'deralo kapena kunyalanyaza zoletsa zozimitsa moto. Gawo lachiwiri la zofooka, zomwe zimagwirizanitsidwa ndi kukonzedwa kwa mafelemu ogawanika, zimapangitsa kuti zitheke kuchotsa deta yokhudzana ndi magalimoto pa intaneti yopanda zingwe ndikuchotsa deta ya ogwiritsa ntchito popanda kubisa.

Wofufuzayo wakonza chionetsero chosonyeza momwe zofooka zingagwiritsire ntchito kusokoneza mawu achinsinsi omwe amaperekedwa mukalowa patsamba kudzera pa HTTP popanda encryption. Ikuwonetsanso momwe mungawukire socket yanzeru yomwe imayendetsedwa kudzera pa Wi-Fi ndikuigwiritsa ntchito ngati kasupe kuti mupitilize kuukira. pazida zosasinthidwa pamaneti am'deralo omwe ali ndi zovuta zosalongosoka (mwachitsanzo, zinali zotheka kuwukira kompyuta yosasinthidwa ndi Windows 7 pamaneti amkati kudzera pa NAT traversal).

Kuti agwiritse ntchito zofookazo, wowukirayo ayenera kukhala mkati mwa chipangizo chopanda zingwe chomwe akufuna kuti atumize mafelemu opangidwa mwapadera kwa wozunzidwayo. Mavutowa amakhudza zida zonse zamakasitomala ndi makadi opanda zingwe, komanso malo olowera ndi ma routers a Wi-Fi. Mwambiri, kugwiritsa ntchito HTTPS kuphatikiza ndi encrypting DNS traffic pogwiritsa ntchito DNS pa TLS kapena DNS pa HTTPS ndikokwanira ngati njira yothetsera. Kugwiritsa ntchito VPN ndikoyeneranso chitetezo.

Zowopsa kwambiri ndizovuta zinayi pakukhazikitsa zida zopanda zingwe, zomwe zimalola njira zazing'ono kuti zitheke kulowa m'malo mwa mafelemu awo osalembetsedwa:

  • Vulnerabilities CVE-2020-26140 ndi CVE-2020-26143 amalola kuyika chimango pamalo ena olowera ndi makhadi opanda zingwe pa Linux, Windows, ndi FreeBSD.
  • Vulnerability VE-2020-26145 imalola zidutswa zowulutsa zosasinthika kuti zisinthidwe ngati mafelemu athunthu pa macOS, iOS ndi FreeBSD ndi NetBSD.
  • Vulnerability CVE-2020-26144 imalola kukonzedwa kwa mafelemu osasindikizidwa a A-MSDU olumikizidwanso ndi EtherType EAPOL mu Huawei Y6, Nexus 5X, FreeBSD ndi LANCOM AP.

Ziwopsezo zina pakukhazikitsa zimagwirizana kwambiri ndi zovuta zomwe zimachitika mukakonza mafelemu ogawika:

  • CVE-2020-26139: Imalola kuwongoleranso mafelemu okhala ndi mbendera ya EAPOL yotumizidwa ndi wotumiza wosavomerezeka (amakhudza malo odalirika a 2/4, komanso mayankho a NetBSD ndi FreeBSD).
  • CVE-2020-26146: imalola kusonkhanitsanso zidutswa zobisidwa popanda kuyang'ana nambala yotsatizana.
  • CVE-2020-26147: Imalola kusonkhanitsanso zidutswa zosakanikirana zobisika komanso zosasungidwa.
  • CVE-2020-26142: Imalola mafelemu ogawanika kuti asamalidwe ngati mafelemu athunthu (amakhudza OpenBSD ndi ESP12-F opanda zingwe module).
  • CVE-2020-26141: TKIP MIC cheke ikusowa pamafelemu ogawanika.

Mafotokozedwe:

  • CVE-2020-24588 - kuwukira kwa mafelemu ophatikizika (mbendera "yophatikizika" siyitetezedwa ndipo imatha kusinthidwa ndi wowukira mu mafelemu a A-MSDU mu WPA, WPA2, WPA3 ndi WEP). Chitsanzo cha kuwukira komwe kukugwiritsidwa ntchito ndikutumiza wosuta ku seva yoyipa ya DNS kapena kudutsa NAT.
    FragAttacks - zofooka zingapo pamiyezo ya Wi-Fi ndi kukhazikitsa
  • CVE-2020-245870 ndikuwukira kofunikira kosakanikirana (kulola kuti zidutswa zobisika pogwiritsa ntchito makiyi osiyanasiyana mu WPA, WPA2, WPA3 ndi WEP kuti asonkhanitsidwenso). Kuwukira kumakupatsani mwayi wodziwa zomwe kasitomala amatumiza, mwachitsanzo, kudziwa zomwe zili mu Cookie mukalowa kudzera pa HTTP.
    FragAttacks - zofooka zingapo pamiyezo ya Wi-Fi ndi kukhazikitsa
  • CVE-2020-24586 ndikuwukira kwa fragment cache (miyezo yophimba WPA, WPA2, WPA3 ndi WEP safuna kuchotsedwa kwa zidutswa zomwe zasungidwa kale mu cache pambuyo pa kulumikizidwa kwatsopano ndi netiweki). Imakulolani kuti mudziwe zambiri zomwe zimatumizidwa ndi kasitomala ndikusintha deta yanu.
    FragAttacks - zofooka zingapo pamiyezo ya Wi-Fi ndi kukhazikitsa

Kuti muyese kuchuluka kwa zovuta za zida zanu, zida zapadera ndi chithunzi chopangidwa mokhazikika chopangira chosungira cha USB chokhazikika chakonzedwa. Pa Linux, zovuta zimawonekera mu mac80211 mesh opanda zingwe, madalaivala opanda zingwe pawokha, ndi firmware yoyikidwa pamakadi opanda zingwe. Kuti athetse chiwopsezocho, zida zakonzedwa zomwe zikuphatikiza mac80211 stack ndi oyendetsa ath10k/ath11k. Zida zina, monga makhadi opanda zingwe a Intel, zimafunikira kusintha kwa firmware.

Kuyesa kwa zida zofananira:

FragAttacks - zofooka zingapo pamiyezo ya Wi-Fi ndi kukhazikitsa

Mayesero a makhadi opanda zingwe mu Linux ndi Windows:

FragAttacks - zofooka zingapo pamiyezo ya Wi-Fi ndi kukhazikitsa

Kuyesa kwamakhadi opanda zingwe mu FreeBSD ndi NetBSD:

FragAttacks - zofooka zingapo pamiyezo ya Wi-Fi ndi kukhazikitsa

Opanga adadziwitsidwa za mavutowa miyezi 9 yapitayo. Nthawi yayitali yotereyi ikufotokozedwa ndi kukonzedwa kogwirizana kwa zosintha ndi kuchedwa pakukonzekera zosintha zamagulu a ICASI ndi Wi-Fi Alliance. Poyambirira, idakonzedwa kuti iwulule zambiri pa Marichi 9, koma, atafanizira zoopsazo, adaganiza zoyimitsa kufalitsa kwa miyezi ina iwiri kuti apereke nthawi yochulukirapo yokonzekera zigamba, poganizira za kusintha komwe sikuli kocheperako. kupangidwa ndi zovuta zomwe zimabwera chifukwa cha mliri wa COVID-19.

Ndizofunikira kudziwa kuti ngakhale zinali zoletsedwa, Microsoft idakonza zofooka zina pasadakhale pakusintha kwa Marichi Windows. Kuwululidwa kwa zidziwitso kudayimitsidwa sabata isanakwane tsiku lomwe lidakonzedweratu ndipo Microsoft inalibe nthawi kapena sanafune kusintha zosintha zomwe zidakonzekera kusindikizidwa, zomwe zidawopseza ogwiritsa ntchito machitidwe ena, popeza owukira amatha kudziwa zambiri za ziwopsezo kudzera m'malo osinthira zomwe zili muzosintha.

Source: opennet.ru

Kuwonjezera ndemanga